Saltar a contenido

08 - Processes

What this session is

About 45 minutes. You'll learn what a process is, how to see what's running, how to kill misbehaving programs, and how to manage background jobs.

What's a process

Every running program is a process with: - A PID (process ID) - a unique number. - A user - the user who started it. - Resources - open files, memory, network sockets. - A state - running, sleeping, waiting, zombie.

When you run a command, the shell creates a child process to execute it. When the command finishes, the process exits.

See what's running: ps

ps                       # processes in your current terminal
ps aux                   # ALL processes, with detailed info
ps aux | grep python     # only Python processes

ps aux is the most-used form. Columns:

Column Meaning
USER who started it
PID process ID
%CPU CPU usage
%MEM memory usage
VSZ / RSS virtual / resident memory (KB)
TTY terminal it's attached to (? if none)
STAT state (R running, S sleeping, Z zombie, T stopped)
START / TIME when started / cumulative CPU time
COMMAND what's running

Live view: top and htop

top is the classic interactive process viewer:

top

Press q to quit. M to sort by memory. P by CPU. 1 to show per-CPU breakdown.

htop is the modern, prettier alternative. Install: - sudo apt install htop - brew install htop

htop

F10 or q to quit. Use arrows to scroll; F9 to kill (with menu). Much easier than top.

btop (newer) is similar - colorful, more visual. Try it: sudo apt install btop / brew install btop.

Killing a process

kill PID                # send the default signal (TERM - polite request to exit)
kill -9 PID             # send SIGKILL - force kill (process can't ignore)
killall name            # kill all processes named "name"
pkill name              # similar

The two signals to know: - SIGTERM (15) - the default. "Please exit cleanly." The process can save state, close files, then exit. - SIGKILL (9) - "Die now." The kernel terminates the process immediately. No cleanup. Use only when SIGTERM doesn't work.

kill 1234          # SIGTERM to PID 1234
kill -TERM 1234    # same
kill -9 1234       # SIGKILL - use as last resort

Running things in the background

Add & to run a command in the background, freeing your terminal:

sleep 60 &
[1] 12345          # the shell tells you job # and PID

Your terminal returns. The process runs.

To see your background jobs in this shell:

jobs

To bring a background job to the foreground:

fg              # bring last
fg %1           # bring job #1

To send a foreground job to the background: - Press Ctrl-Z to suspend (pause it). - Type bg to continue it in the background.

To kill a job:

kill %1         # kill job #1

Long-running processes that survive logout

Jobs started with & die when you log out. For things that should survive:

nohup ./long-job.sh &      # ignore hangup signal

Output goes to nohup.out by default.

The modern alternative: tmux or screen - terminal multiplexers. Start a session, run things in it, detach, log out, come back hours later, reattach. Out of scope here; install and learn one - tmux is the more popular.

For production services: use systemd units (/etc/systemd/system/myservice.service). Beyond beginner; mentioned for recognition.

Process tree: pstree

pstree
pstree -p          # include PIDs
pstree alice       # only alice's processes

Shows parent-child relationships visually. Useful for understanding what spawned what.

Why a process won't die

Sometimes kill PID doesn't work: 1. The process is in uninterruptible sleep (waiting on disk or kernel - state D in ps). Wait it out; reboot if persistent. 2. The process is a child of another, and the parent ignores SIGCHLD. Kill the parent. 3. You don't own the process. sudo kill PID if you must.

Last resort always: sudo kill -9 PID.

Exercise

  1. List your processes: 

    ps -u $USER

  2. Count Python processes on your system: 

    ps aux | grep python | wc -l
    (Note: this counts the grep itself too. ps aux | grep python | grep -v grep | wc -l to exclude.)

  3. Start a sleep in the background: 

    sleep 120 &
jobs
    Note the PID. Bring it back to the foreground: 
    fg
    Press Ctrl-Z to suspend, then bg to continue background, then kill it: 
    kill %1

  4. Launch htop (or top). Sort by memory (in htop, F6 → MEM%; in top, press M). Find the biggest process. Quit.

  5. Bonus: find what process is using a given file: 

    lsof | grep filename       # may need to install lsof
    Or what's listening on a port: 
    ss -tlnp                   # TCP listening sockets, with process info

What you might wonder

"What's a zombie process?" A process that has finished but whose exit status hasn't been reaped by its parent. It still has a PID but no resources. Mostly harmless; reflects a buggy parent. Reboot clears them.

"Why does kill need a number? What are all the signals?" kill -l shows them all. The common ones: - 1 SIGHUP - terminal hangup; often triggers reload in daemons. - 2 SIGINT - what Ctrl-C sends. - 9 SIGKILL - uncatchable. - 15 SIGTERM - polite termination. - 19 SIGSTOP / 18 SIGCONT - pause / resume.

"How do I run a job on a schedule?" cron (Linux/macOS) or systemd timers. crontab -e to edit your scheduled jobs. Out of scope here; useful to know it exists.

"What's the relationship between processes and threads?" A process can have multiple threads (lighter-weight units of execution within the process, sharing memory). For most beginner tasks, this distinction doesn't matter. ps -L shows threads if you need to see them.

Done

  • Inspect processes with ps aux, top, htop.
  • Kill processes with kill, killall, pkill.
  • Distinguish SIGTERM (15) from SIGKILL (9).
  • Run jobs in the background (&, jobs, fg, bg).
  • Keep jobs alive past logout (nohup, tmux).

Next: Shell scripting basics →

Comments